Skip to main content
A blog about stuff I do
  1. Posts/

"Dog" by Hack The Box - An "Easy" Linux Box Writeup

·224 words·2 mins
Lacroix Raphaël (Chepycou)
Author
Lacroix Raphaël (Chepycou)
I’m Raphaël LACROIX, a French computer scientist developping various applications in my free time ranging from definitely useless to somewhat usefull. I also do quite a lot of Capture the flag and cybersecurity challenges.
Table of Contents
Hack The Box Easy Boxes - This article is part of a series.
Part : "Code" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Fluffy" by Hack The Box - An "Easy" Linux Box Writeup
Part : This Article
Part : "Titanic" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Planning" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Underpass" by Hack The Box - An Easy Linux Box Writeup
Part : "Nocturnal" by Hack The Box - An Easy Linux Box Writeup

This box is an “Easy” Linux box by HackTheBox

User flag
#

Usual first scans :
# 

mkdir scans loot shares
nmap -A 10.10.11.58 -vvv -oA scans/first_scan
nmap -A 10.10.11.58 -vvv -p- -oA scans/full_scan
nmap -sU -A 10.10.11.58 --top-port 100 -vvv -oA scans/first_scan_udp

22/tcp open  ssh     syn-ack ttl 63 OpenSSH 8.2p1 Ubuntu 4ubuntu0.12 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   3072 97:2a:d2:2c:89:8a:d3:ed:4d:ac:00:d2:1e:87:49:a7 (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDEJsqBRTZaxqvLcuvWuqOclXU1uxwUJv98W1TfLTgTYqIBzWAqQR7Y6fXBOUS6FQ9xctARWGM3w3AeDw+MW0j+iH83gc9J4mTFTBP8bXMgRqS2MtoeNgKWozPoy6wQjuRSUammW772o8rsU2lFPq3fJCoPgiC7dR4qmrWvgp5TV8GuExl7WugH6/cTGrjoqezALwRlKsDgmAl6TkAaWbCC1rQ244m58ymadXaAx5I5NuvCxbVtw32/eEuyqu+bnW8V2SdTTtLCNOe1Tq0XJz3mG9rw8oFH+Mqr142h81jKzyPO/YrbqZi2GvOGF+PNxMg+4kWLQ559we+7mLIT7ms0esal5O6GqIVPax0K21+GblcyRBCCNkawzQCObo5rdvtELh0CPRkBkbOPo4CfXwd/DxMnijXzhR/lCLlb2bqYUMDxkfeMnmk8HRF+hbVQefbRC/+vWf61o2l0IFEr1IJo3BDtJy5m2IcWCeFX3ufk5Fme8LTzAsk6G9hROXnBZg8=
|   256 27:7c:3c:eb:0f:26:e9:62:59:0f:0f:b1:38:c9:ae:2b (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM/NEdzq1MMEw7EsZsxWuDa+kSb+OmiGvYnPofRWZOOMhFgsGIWfg8KS4KiEUB2IjTtRovlVVot709BrZnCvU8Y=
|   256 93:88:47:4c:69:af:72:16:09:4c:ba:77:1e:3b:3b:eb (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPMpkoATGAIWQVbEl67rFecNZySrzt944Y/hWAyq4dPc
80/tcp open  http    syn-ack ttl 63 Apache httpd 2.4.41 ((Ubuntu))
|_http-generator: Backdrop CMS 1 (https://backdropcms.org)
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Home | Dog
| http-robots.txt: 22 disallowed entries 
| /core/ /profiles/ /README.md /web.config /admin 
| /comment/reply /filter/tips /node/add /search /user/register 
| /user/password /user/login /user/logout /?q=admin /?q=comment/reply 
| /?q=filter/tips /?q=node/add /?q=search /?q=user/password 
|_/?q=user/register /?q=user/login /?q=user/logout
|_http-server-header: Apache/2.4.41 (Ubuntu)
| http-git: 
|   10.10.11.58:80/.git/
|     Git repository found!
|     Repository description: Unnamed repository; edit this file 'description' to name the...
|_    Last commit message: todo: customize url aliases.  reference:https://docs.backdro...
|_http-favicon: Unknown favicon MD5: 3836E83A3E835A26D789DDA9E78C5510
The content of this article is currently restricted due to HackTheBox’s policies. This blog post will remain private until the machine is retired. Have fun and don’t hesitate to DM me to ask questions on the HTB discord ;)

In the meantime you can follow me on HTB :

Chepycou

Hack The Box Easy Boxes - This article is part of a series.
Part : "Code" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Fluffy" by Hack The Box - An "Easy" Linux Box Writeup
Part : This Article
Part : "Titanic" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Planning" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Underpass" by Hack The Box - An Easy Linux Box Writeup
Part : "Nocturnal" by Hack The Box - An Easy Linux Box Writeup